89f43c4defb025ce9a65484aacdfbe49d01113952842b9aa4bfe9cf5d65d862a

Sharing

Copy URL

Twitter E-mail

General

Target

89f43c4defb025ce9a65484aacdfbe49d01113952842b9aa4bfe9cf5d65d862a
Size

373KB
MD5

d59547e7f9927d4cd8840e54194b03cd
SHA1

c0f6915f739cabf56816ab4d2fad45928dfda6a9
SHA256

89f43c4defb025ce9a65484aacdfbe49d01113952842b9aa4bfe9cf5d65d862a
SHA512

950ffdab801e5ae18501d3fd2a3660d8673cda7045633edc77d78596ae673cb5983462323707fa7fcc36a34859a3c0c9e7739309b54c260819a4c63188edf0e0
SSDEEP

6144:iXCLUc8AbENbQGvMSp86DHye69nnZKjaFFB2h87RMcwnT:iXCAc8yVsMSvye6nnsjGQ+t8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89f43c4defb025ce9a65484aacdfbe49d01113952842b9aa4bfe9cf5d65d862a

Files

89f43c4defb025ce9a65484aacdfbe49d01113952842b9aa4bfe9cf5d65d862a
.exe windows:5 windows x86 arch:x86

7277f7a548e8f2bda7006e1ea4bc6000

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GlobalCompact
CallNamedPipeA
InterlockedIncrement
OpenJobObjectA
GetCurrentProcess
WriteConsoleInputA
GetComputerNameW
GetTimeFormatA
FreeEnvironmentStringsA
GetCommConfig
GetDllDirectoryW
GetCurrencyFormatA
ClearCommBreak
GetConsoleAliasExesW
EnumTimeFormatsA
EnumTimeFormatsW
LoadLibraryW
GetFileAttributesA
GetTimeFormatW
CreateProcessA
GetModuleFileNameW
GetShortPathNameA
InterlockedExchange
GetLogicalDriveStringsA
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
SetFileAttributesA
DefineDosDeviceA
GetTempFileNameA
LoadLibraryA
InterlockedExchangeAdd
OpenEventA
OpenJobObjectW
SetEnvironmentVariableA
GlobalWire
GetModuleFileNameA
GetCurrentDirectoryA
SetFileShortNameA
GetVersionExA
ReadConsoleInputW
LCMapStringW
GetStartupInfoW
RaiseException
HeapAlloc
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SetFilePointer
SetStdHandle
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
CloseHandle
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize

Sections

.text
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rewas
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lajek
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bobalo
Size: 1024B - Virtual size: 923B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vawiz
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7277f7a548e8f2bda7006e1ea4bc6000

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 295KB - Virtual size: 294KB

.data Size: 24KB - Virtual size: 43KB

.rewas Size: 1024B - Virtual size: 1024B

.lajek Size: 512B - Virtual size: 214B

.bobalo Size: 1024B - Virtual size: 923B

.vawiz Size: 1024B - Virtual size: 1024B

.rsrc Size: 49KB - Virtual size: 49KB

.text
Size: 295KB - Virtual size: 294KB

.data
Size: 24KB - Virtual size: 43KB

.rewas
Size: 1024B - Virtual size: 1024B

.lajek
Size: 512B - Virtual size: 214B

.bobalo
Size: 1024B - Virtual size: 923B

.vawiz
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 49KB - Virtual size: 49KB